<?php
include 'checkLogin.php';
@$worker_id = $_REQUEST ['worker_id'];
@$id = $_SESSION ['userId'];
@$code = $_REQUEST['code'];
@$login = $_REQUEST ['login'];
@$password = $_REQUEST ['password'];
@$newPwd = $_REQUEST ['newPwd'];
@$newPwd2 = $_REQUEST ['newPwd2'];

if(empty($code)||empty($login)||empty($password)||empty($newPwd)||empty($newPwd2)){
	$mes = '都必须填写';
	include 'ediWorkerLog.php';
	die;
}
include 'db/code.php';
if(!checkCode($code)){
	$mes = '验证码错误';
	include 'ediWorkerLog.php';
	die;
}
include 'db/li.php';
@$user = dbSelect('select id,password from user where login=:login',array('login'=>$login));
if (empty ( $user )) {
	$mes = "原帐号错误";
	include 'ediWorkerLog.php';
	die;
}
if ($user ['password'] != $password) {
	$mes = "原密码错误";
	include 'ediWorkerLog.php';
	die;
}
if ($newPwd != $newPwd2) {
	$mes = "两次新密码输入不一致";
	include 'ediWorkerLog.php';
	die;
}
@$flog = dbUpdate('update user set password=:pwd where id=:id',array('pwd'=>$newPwd,'id'=>$id));
if ($flog) {
	unset ( $_SESSION );
	header ( 'Refresh:0;url=/changeLogOk.php' );
	die();
} else {
	$mes = '修改失败';
	include 'ediWorkerLog.php';
	die;
}
